iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The Australian Cyber Security Centre and Fortinet warn of active exploitation of vulnerability affecting multiple versions of Fortinet’s FortiClient EMS server platform.
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has released a critical alert regarding a vulnerability in Fortinet’s FortiClient EMS.
The vulnerability – CVE-2023-48788 – affects versions 7.2 to 7.2.2 and 7.0 to 7.0.10 of FortiClient EMS and can allow a threat actor to execute code remotely.
“An improper neutralisation of special elements used in an SQL Command (“SQL Injection”) vulnerability [CWE-89] in FortiClient EMS may allow an unauthenticated attacker to execute unauthorised code or commands via specifically crafted requests,” Fortinet said of the flaw in its own advisory.
While Fortinet has made a patch available, the ACSC and Fortinet have said that the vulnerability is currently being exploited in the wild.
“Australian organisations should review their networks for use of vulnerable instances of the FortiClient EMS and apply patches available from Fortinet,” the ACSC said in its Friday, 22 March advisory.
The flaw was first discovered in early March while researchers with the Horizon3 Attack Team developed a proof of concept, functional exploit on 21 March, a day before the ACSC released its critical alert.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
